package cn.bug.greenflag.config;

import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @program: qian_mianq
 * @description: security配置类
 * @author: 岳瀚
 * @create: 2022-09-18 16:31
 **/

@Slf4j
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    public SecurityConfiguration(){
        log.debug("自动加载SecurityConfiguration类");
    }

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        //白名单
        String[] url = {
                "/doc.html",
                "/favicon.ico",
                "/**/*.js",
                "/**/*.css",
                "/swagger-resources",
                "/v2/api-docs",

                //TODO  临时卑职, 所有的请求都是白名单
                "/**"
        };

        //super.configure(http);
        http.authorizeRequests()
                .antMatchers(url)
                .permitAll()
                .anyRequest()
                .authenticated();
        // 关于防伪造的跨域攻击，默认只针对POST / PUT / DELETE / PATCH请求
        // 禁用防伪造的跨域攻击，注意：禁用后是存在风险的
        http.csrf().disable();

        http.formLogin();
    }
}
